Exchange problem

bremen1874 · 14 Aug 2011 at 21:46

I’m running Exchange 2007 as a part of SBS 2008. I recently changed ISPs and as a result my static IP changed, I updated my MX record and assumed that would be that.

I then found out that a company I have dealings with could no longer send emails to my domain. This company is also running Exchange 2007 on SBS 2008.

As far as I can tell there are no other problems either sending or receiving for either domain.

According to mxtoolbox.com everything on my domain is working as it should. I’ve also checked with Microsoft’s Remote Connectivity Analyzer and received a clean bill of health.

I’ve got remote access to the other companies server so I did some checking at their end.

From their server I tried nslookup –q=mx for my domain and it returned the correct information. I was also able to successfully send myself an email using telnet.

Using the Exchange Queue Viewer on their server I found that the messages they’d tried to send to me were flagged as 451 4.4.0 DNS query failed. After a bit of searching I followed a suggestion to enable ‘Use the External DNS Lookup settings on the transport server’ and this does seem to have fixed things.

Does anyone have any insight as to what the underlying problem might be?

droyden · 14 Aug 2011 at 23:09

Could be their internal dns servers are caching longer than they should?

bremen1874 · 14 Aug 2011 at 23:23

I should have mentioned that both servers have been rebooted, which should presumably have cleared any cached data.

MuttsNutts · 17 Aug 2011 at 14:44

Happens a lot this does so your not alone, My customers change ISP's all the time I do all the MX chages etc and then i get reports that there not getting emails they used to off regular customers..... Looking into it's usually DNS at fault and normally DNS servers hosted by the ISP's just as a rule I always add a free public DNS relay as a 3rd or 4th backup at least then it stops this sort of thing.......

bremen1874 · 17 Aug 2011 at 15:34

I did try adding Google's DNS servers in addition to the ISPs and it didn't seem to help. Perhaps I should have given them a higher priority?

Anyway, I haven't had any other problem reports so I'm going to assume that all is well for the moment.

MuttsNutts · 17 Aug 2011 at 22:33

There's a reg hack you can use to change the timeout delay on DNS order so if it fails to resolve within say xx seconds then try the next option.

8.8.8.8 or 4.4.4.4 are the most common one's I use....... Normally happens to the lesser smaller ISP's as it take them ages to do anything.

Nutbusta · 20 Aug 2011 at 08:07

bremen1874 said:
I did try adding Google's DNS servers in addition to the ISPs and it didn't seem to help. Perhaps I should have given them a higher priority?

Anyway, I haven't had any other problem reports so I'm going to assume that all is well for the moment.

Once windows makes an unsuccessful lookup it actually records the failure in the cache so adding a dns server later won't help.

DNS cache isn't cleared on reboot (i think) but depend on each records TTL (Time to live) when resolved.

It has to be said, dns is a quirky SOB.